RPM security (a newbie question)
What does the process of installing new RPM package look like? There are
some commands that such package is allowed to execute, right?
What are RPMs allowed to do, and what is forbidden? Is there any control
layer at all in the package manager, or is the control (e.g., during
package install) simply transferred to RPM-package-provided script??
Also what's the difference between "Everything" and "Fedora" dirs
in
Fedora package tree?
I wonder how easy it is to create a rootkit/trojan horse/whatever and
get it loaded on Fedora users' computers.
Thanks!
STF
=======================================================================
http://eisenbits.homelinux.net/~stf/
OpenPGP: 9D25 3D89 75F1 DF1D F434 25D7 E87F A1B9 B80F 8062
=======================================================================
Attachments:
- signature.asc (application/pgp-signature — 259 bytes)